mirror of
https://github.com/gchq/CyberChef
synced 2025-01-12 04:28:53 +00:00
fix: Blowfish - ignore IV length in ECB mode
Fixes https://github.com/gchq/CyberChef/issues/1895.
This commit is contained in:
parent
d635cca210
commit
1fce8e5112
3 changed files with 21 additions and 9 deletions
|
@ -76,8 +76,8 @@ class BlowfishDecrypt extends Operation {
|
||||||
Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
|
Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (iv.length !== 8) {
|
if (mode !== "ECB" && iv.length !== 8) {
|
||||||
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes`);
|
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes.`);
|
||||||
}
|
}
|
||||||
|
|
||||||
input = Utils.convertToByteString(input, inputType);
|
input = Utils.convertToByteString(input, inputType);
|
||||||
|
|
|
@ -72,12 +72,12 @@ class BlowfishEncrypt extends Operation {
|
||||||
|
|
||||||
if (key.length < 4 || key.length > 56) {
|
if (key.length < 4 || key.length > 56) {
|
||||||
throw new OperationError(`Invalid key length: ${key.length} bytes
|
throw new OperationError(`Invalid key length: ${key.length} bytes
|
||||||
|
|
||||||
Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
|
Blowfish's key length needs to be between 4 and 56 bytes (32-448 bits).`);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (iv.length !== 8) {
|
if (mode !== "ECB" && iv.length !== 8) {
|
||||||
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes`);
|
throw new OperationError(`Invalid IV length: ${iv.length} bytes. Expected 8 bytes.`);
|
||||||
}
|
}
|
||||||
|
|
||||||
input = Utils.convertToByteString(input, inputType);
|
input = Utils.convertToByteString(input, inputType);
|
||||||
|
|
|
@ -1579,19 +1579,31 @@ DES uses a key length of 8 bytes (64 bits).`,
|
||||||
from Crypto.Cipher import Blowfish
|
from Crypto.Cipher import Blowfish
|
||||||
import binascii
|
import binascii
|
||||||
|
|
||||||
input_data = b"The quick brown fox jumps over the lazy dog."
|
# Blowfish cipher parameters - key, mode, iv, segment_size, nonce
|
||||||
key = binascii.unhexlify("0011223344556677")
|
key = binascii.unhexlify("0011223344556677")
|
||||||
iv = binascii.unhexlify("0000000000000000")
|
|
||||||
mode = Blowfish.MODE_CBC
|
mode = Blowfish.MODE_CBC
|
||||||
|
kwargs = {}
|
||||||
|
iv = binascii.unhexlify("ffeeddccbbaa9988")
|
||||||
|
if mode in [Blowfish.MODE_CBC, Blowfish.MODE_CFB, Blowfish.MODE_OFB]:
|
||||||
|
kwargs = {"iv": iv}
|
||||||
|
if mode == Blowfish.MODE_CFB:
|
||||||
|
kwargs["segment_size"] = 64
|
||||||
|
if mode == Blowfish.MODE_CTR:
|
||||||
|
nonce = binascii.unhexlify("0000000000000000")
|
||||||
|
nonce = nonce[:7]
|
||||||
|
kwargs["nonce"] = nonce
|
||||||
|
|
||||||
|
cipher = Blowfish.new(key, mode, **kwargs)
|
||||||
|
|
||||||
|
# Input data and padding
|
||||||
|
input_data = b"The quick brown fox jumps over the lazy dog."
|
||||||
if mode == Blowfish.MODE_ECB or mode == Blowfish.MODE_CBC:
|
if mode == Blowfish.MODE_ECB or mode == Blowfish.MODE_CBC:
|
||||||
padding_len = 8-(len(input_data) & 7)
|
padding_len = 8-(len(input_data) & 7)
|
||||||
for i in range(padding_len):
|
for i in range(padding_len):
|
||||||
input_data += bytes([padding_len])
|
input_data += bytes([padding_len])
|
||||||
|
|
||||||
cipher = Blowfish.new(key, mode) # set iv, nonce, segment_size etc. here
|
# Encrypted text
|
||||||
cipher_text = cipher.encrypt(input_data)
|
cipher_text = cipher.encrypt(input_data)
|
||||||
|
|
||||||
cipher_text = binascii.hexlify(cipher_text).decode("UTF-8")
|
cipher_text = binascii.hexlify(cipher_text).decode("UTF-8")
|
||||||
|
|
||||||
print("Encrypted: {}".format(cipher_text))
|
print("Encrypted: {}".format(cipher_text))
|
||||||
|
|
Loading…
Reference in a new issue